Bitmex thwarts an attack by the Lazarus group and exposes operational failures of the North Korean organization
The platform documented the case, sharing useful indicators so that other organizations can detect this type of event in time if they encounter it.
***
- Bitmex prevented a social engineering attack attributed to the Lazarus group.
- The attempt was detected thanks to the rapid reaction of a platform employee.
- Analysis of the malicious code revealed errors that could expose the identity of the attackers.
Bitmex, the well-known cryptocurrency derivatives platform, said it had thwarted a social engineering attack attributed to the feared Lazarus group, the hacker collective linked to the North Korean regime.
About the hack attempt
According to a report published by the Bitmex team on its official blog, the recently detected attempt was carried out through a fraudulent proposal that an employee received through LinkedIn.
As Bitmex explained, one of its employees was contacted with an alleged collaboration proposal for a web-based NFT marketplace project. The agreement involved running code that, after a quick inspection, turned out to contain suspicious fragments linked to malware.
“The objective was for the victim to execute the project code, which includes malicious code, on their computer,” Bitmex explained on its blog. Fortunately, the employee in question detected the threat and immediately notified the internal security team, which allowed a deeper technical investigation to begin.
During the analysis of the attack, the Bitmex team discovered that the malicious code corresponded to a variant previously identified as “Beavertail”, a tool associated with the Lazarus group according to research by Palo Alto Networks' Unit 42.
The malware focused on collecting the victims' credentials and IP addresses and storing them in a remote database. However, the attacker's technical carelessness when configuring the malware allowed researchers to trace the aggressor's original IP address. This operational failure proved key to better understanding the attackers' movements.
Bitmex indicated that, after gaining access to this database, it built a monitoring tool to identify new infections and observe behavior patterns. In this way, it managed to detect at least ten accounts potentially involved in developing and testing the malware.
A contrast between basic tactics and technical sophistication
The report highlights a duality in the Lazarus group's operations: while its phishing campaigns may seem rudimentary, its post-exploitation techniques are considerably more advanced.
“The discovery of this Lazarus group campaign shows a marked contrast between its basic-level phishing strategies and its advanced post-exploitation techniques,” Bitmex pointed out. This suggests that the group could be fragmented into subgroups with different levels of technical expertise.
Bitmex also warned that the attacker tried to reuse previously exposed components, which reveals a possible lack of coordination or overconfidence in its tactics.
Repercussions for industry and recent context
This incident comes a few weeks after Coinbase revealed a major leak of user data. According to estimates, that event could cost the company more than USD $400,000,000 in damages. The context has revived the debate on digital security and the need to strengthen protection measures on crypto platforms.
Security experts have emphasized that social engineering attacks, such as the one carried out by Lazarus, are frequent and difficult to detect. Many recommend developing an active cybersecurity culture within companies in the sector, with constant training and rapid responses to suspicious incidents.
In fact, the exchange Kraken also recently detected and documented a hacking attempt by an alleged member of the North Korean organization. In that case, the modus operandi was quite similar, although what gave the attacker away was his nervous reaction to certain things he was asked during the remote interview.
The persistent threat of the Lazarus group, together with the recent vulnerabilities of large platforms, highlights the challenges the industry faces in remaining secure in an environment where attacks become increasingly sophisticated.
Article written by a content editor. Edited by Angel Di Matteo / Diariobitcoin
Original image by Diariobitcoin, created with artificial intelligence, for free use, licensed under the public domain.